Staff Product Security Architect
Fastly helps people stay better connected with the things they love. Fastly’s edge cloud platform enables customers to create great digital experiences quickly, securely, and reliably by processing, serving, and securing our customers’ applications as close to their end-users as possible — at the edge of the Internet. The platform is designed to take advantage of the modern internet, to be programmable, and to support agile software development. Fastly’s customers include many of the world’s most prominent companies, including Vimeo, Pinterest, The New York Times, and GitHub.
We're building a more trustworthy Internet. Come join us.
Staff Product Security ArchitectAs a Staff Product Security Architect at Fastly you will help ensure we provide a secure edge for one of the biggest online platforms in the world, handling extensive amounts of traffic at very low latency. Fastly’s Security Architecture Team fosters security throughout all areas of Fastly’s applications and infrastructure. Fastly believes that security is everyone’s responsibility and you will be empowering all of Fastly to live up to that responsibility. Qualified candidates will excel at analyzing the design of our software and implementations, and will show an aptitude for discovering complex security issues.
This position will be based in any of our following locations: New York, Denver, San Francisco, Los Angeles
This is a role which has a high impact on human lives. You will be supported by a friendly security team, where you can learn and develop. We check our egos at the door. You’ll make sure our customers benefit from a service built to the highest security standards in the industry. We pride ourselves in our involvement in the larger security community and encourage our team to present at network and security conferences and participate in the open source community. We are a distributed security team with the commitment and tools in place to make it work.
What You’ll Do
In this role, you will enhance the security of Fastly’s network and infrastructure services products by working closely with engineering and product teams to integrate security into the design and development of Fastly systems.
- Perform security-focused architecture and design reviews of services, platform and infrastructure resources as part of Fastly’s security review process and coordinate with engineering teams to develop and integrate secure-by-design principles into engineering builds.
- Partner with product and engineering teams to identify security threats to Fastly’s infrastructure as part of the threat modeling process and define tactical and strategic mitigation plans to assist with remediation.
- Perform secure code and configuration reviews on services and infrastructure resources and provide recommendations that strengthen Fastly’s security posture.
- Influence product design paradigms to incorporate security best practices and drive requirements for security into the release cycle.
- Maintain a clear view of the overall product development roadmap and associated product lifecycle to ensure security is appropriately incorporated throughout.
- Become a domain expert in the content delivery network (CDN) and infrastructure product verticals and represent that knowledge with prospects, customers, and auditors.
- Research and understand new threats and attack vectors that impact Fastly and work with system owners to design appropriate prevention, detection and remediation initiatives.
- Involvement in Fasty’s Secure SDLC, focusing on both collaborative hands-on design work and training initiatives across the company.
- Influence Fastly’s security strategy by leveraging the collective strength of the security team and articulating the capabilities needed to effectively manage cyber threats.
What We’re Looking For
At Fastly we value a diversity of voices. The following is not a laundry list, but to be effective in this role you should possess most of the following and an interest in learning more about the rest:
- Have 5-7 years of relevant experience and a Bachelor's degree in Computer Science or equivalent.
- Strong grasp at all layers of the information security stack including hands-on security engineering.
- Extensive experience performing threat modeling, secure code reviews and designing security controls to mitigate vulnerabilities and deficiencies for new and existing cloud-based products.
- Working knowledge of how to design security controls for multi-tenant general compute services, reverse proxies, microservices architectures, containerization and modern API protocols.
- Strong understanding of certificate authorities, digital certificates and public key infrastructure and how they operate in a client - server environment.
- Proficiency working with static and dynamic application security testing and integration strategies in a CI/CD pipeline.
- Experience implementing reverse proxy and caching security concepts. Bonus points for experience working with content delivery networks (CDN) or extensive experience with network protocol analysis.
- Working knowledge of authorization, authentication and encryption strategies.
- Experience with Linux administration at scale, associated intrusion/manipulation techniques, and standard methodologies for system hardening and process isolation.
- Strong team collaborator that actively seeks to build and maintain productive working relationships in order to establish trust and influence outcomes.
- Working knowledge of the MITRE ATT&CK, NIST CSF, CIS Critical Control, and OWASP Top 10 frameworks.
- Demonstrated ability to weigh business needs with security priorities and make sound risk-based judgment calls.
- High emotional intelligence. Fastly teams care about one another, collaborate regularly and are part of a people first organization.
We’ll be super impressed if you have experience in any of these:
- Contributions to the security industry (e.g. white papers and OSS projects)
- Working knowledge of compiler and runtime security.
- Hands-on experience performing penetration testing, particularly for web applications.
- Working knowledge of database security, especially for MySQL.
Work Hours: This position will require you to be available during core business hours.
Work Location(s) & Travel Requirements:
This position is open to the following preferred office locations:
- Culver City, CA
- San Francisco, CA
- Denver, CO
- New York, NY
Fastly currently embraces a largely hybrid model for most roles which allows employees flexibility to split their time between the office and home.
Salary:
The estimated salary range for this position is $181,220 to $226,520.
Starting salary may vary based on permissible, non-discriminatory factors such as experience, skills, qualifications, and location.
This role may be eligible to participate in Fastly’s equity and discretionary bonus programs.
Benefits:
We care about you. Fastly works hard to create a positive environment for our employees, and we think your life outside of work is important too. We support our teams with great benefits that start on the first day of your employment with Fastly. Curious about our offerings?
We offer a comprehensive benefits package including medical, dental, and vision insurance. Family planning, mental health support along with Employee Assistance Program, Insurance (Life, Disability, and Accident), an open vacation policy and up to 18 days of accrued paid sick leave are there to help support our employees. We also offer 401(k) (including company match) and an Employee Stock Purchase Program. For 2023, we offer 10 paid local holidays, 11 paid company wellness days.
Why Fastly?
-
We have a huge impact. Fastly is a small company with a big reach. Not only do our customers have a tremendous user base, but we also support a growing number of open source projects and initiatives. Outside of code, employees are encouraged to share causes close to their heart with others so we can help lend a supportive hand.
-
We love distributed teams. Fastly’s home-base is in San Francisco, but we have multiple offices and employees sprinkled around the globe. As a new hire, you will be able to attend our IN-PERSON new hire orientation in our San Francisco office! It is an exciting week-long experience that we offer to new employees to build connections with colleagues across Fastly, participate in hands-on learning opportunities, and immerse yourself in our culture firsthand.
-
We value diversity. Growing and maintaining our inclusive and diverse team matters to us. We are committed to being a company where our employees feel comfortable bringing their authentic selves to work and have the ability to be successful -- every day.
-
We are passionate. Fastly is chock full of passionate people and we’re not ‘one size fits all’. Fastly employs authors, pilots, skiers, parents (of humans and animals), makeup geeks, coffee connoisseurs, and more. We love employees for who they are and what they are passionate about.
We’re always looking for humble, sharp, and creative folks to join the Fastly team. If you think you might be a fit please apply! A fully completed application and resume or CV are required when applying.
Fastly is committed to ensuring equal employment opportunity and to providing employees with a safe and welcoming work environment free of discrimination and harassment. Our employment decisions are based on business needs, job requirements and individual qualifications. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, family or parental status, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.
Consistent with the Americans with Disabilities Act (ADA) and federal or state disability laws, Fastly will provide reasonable accommodations for applicants and employees with disabilities. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact your Recruiter, or the Fastly Employee Relations team at candidateaccommodations@fastly.com or 501-287-4901.
Fastly collects and processes personal data submitted by job applicants in accordance with our Privacy Policy. Please see our privacy notice for job applicants.